They’ve stated that they are using Mac minis as relays. They claim that they do not store messages or credentials, but I don’t see how that’s possible if it relies on a Mac or iOS relay server that they control.
They might be able to relay them in a way that the end to end encryption is actually handled on the phone and the relay only relays encrypted messages.
That would likely still give them a capability to MitM but it’s plausible that they couldn’t passively intercept the messages.
You give them the credentials for your Apple account. The security concept is “trust me bro” and that’s really the best they can do unless Apple helps them (which they have no reason to)
They might be able to relay them in a way that the end to end encryption is actually handled on the phone and the relay only relays encrypted messages.
They’d need to control the app on both phones in order to control what it’s encrypting/decrypting. Their system only works because they’ve got a device in the middle separately decrypting/re-encrypting each message. Google’s Messages app can’t read iMessages; Apple’s Messages app can’t read Google’s proprietary encrypted RCS messages.
Of course if you want universally cross-platform messaging, complete with full-resolution photos and available with end-to-end encryption, there’s this crazy new technology called “email.” I feel like there’s a missed opportunity for making setting up S/MIME easier.
If it’s anything like Beeper 's Matrix bridge then it’s E2EE Matrix encrypted between your device and the bridge server and then using Apple’s iMessage encryption between the bridge server and Apple/the other user.
The weak point is always going to be the bridge software as by necessity the message must be decrypted there to re-encrypt for iMessage.
At least in Beeper/Matrix the bridge software is open source and one can host their own bridge while continuing to use the existing Beeper/Matrix main server.
Doing so gives you no-trust security since the Beeper/Matrix host cannot decrypt the messages between you and the bridge you control and rubbing your own bridge eliminates that weak point.
They use a Mac mini somewhere to route these messages. So you’re logging into that Mac mini with your iCloud credentials. Sounds like a privacy/security nightmare and creepy as fuck.
It seems like all efforts to “bridge” imessage to anything outside apple software work this way - there’s a Matrix bridge and a dedicated open source app and they both rely on the imessage client on a mac. Is there a legitimate reason for it not being reverse-engineered yet?
Is there a legitimate reason for it not being reverse-engineered yet?
The actual protocol isn’t a secret. It’s that the authentication of the device relies on a hardware key, and that key is fully locked down by Apple (as it also secures the user’s biometric logins, keyring, financial information in Apple Wallet, etc.).
If it relies on a hardware key then why is it that I can get the same setup working with a macos virtual machine?
Using [BlueBubbles] (https://bluebubbles.app/) for anyone wondering.
I predict one of two outcomes once Apple becomes aware of this. Either they’ll modify the iMessage protocol to break Nothing Phones compatibility, or they’ll sue Nothing Phone for violating some kind of IP law. Apple absolutely wants to maintain their walled garden and letting a non-Apple product transparently interact on equal footing with Apple products runs counter to that.
Outcome 3: they buy whatever company is responsible for creating this compatibility layer, slowly integrate it so they can skate past several international regulations/lawsuits trying to open iMessage, and declare victory.
Why would they buy a company that is using a workaround when they could just make an iMessage app for android
Because that’s not their goal, they absolutely don’t want iMessage to work on Android, at least not without severe limitations. They want Android to look like a second class citizen. If they bought the intermediary company it would be with the intent of strangling it not expanding it. They’ll just slow walk the murder so that regulators don’t take too much notice.
The messaging is provided by a third party who is dedicated to working on their iMessage compatibility. Apple has no reason to stop this because this is a good move for them in the larger battle between mobile messaging standards.
Google owns Jibe, the company behind RCS messaging found on all Android phones and an emerging, competent product from the only game in town that can compete with Apple. Google has decided to take this to the government level and push for a unified phone messaging standard, normally a good thing, but proposed their own RCS solution. The one they own and whose servers Google scrapes for user info.
Apple is pushing iMessage as a protest against Google and their inevitable lawsuit to conform with RCS adoption. Android may win unless Apple shows it has parity and provides a non-legislative option: if enough people use iMessage then governments don’t have to make any laws or enforce changes. The company Nothing is using iMessage, which helps Apple prove there is both a significant user base, which would cause a burden on Apple and it’s customers to change, and there is no monopoly on iMessage or messaging in general. So if enough people use iMessage, Apple sees it as a good thing.
RCS is not a Google product, see https://en.m.wikipedia.org/wiki/GSMA
Apple has been pushing iMessage for quite some time, but they want to keep it just to their platform and have made no attempt to make it open to other users. That’s Apples way and it’s not as a “protest” to Google lol
That’s like saying they made the lightning port as a protest to USB standards, nah they just want their proprietary shit.
Google’s RCS service is unique in that it is not telecom based. I would advise looking at the RCS Wikipedia article here.
Apple’s ideology behind not expanding iMessage to other platforms has been - at least in part - due to the security of the iMessage platform and how it authorizes senders and recipients (like many encrypted services on Apple devices, tokens are encrypted/decrypted in the Secure Enclave on the SoC). Apparently, Apple has low confidence in the diaspora of Android devices and just decided to forget even trying to create a client for Android it could tie down to hardware authentication due to not having a reliable hardware base. This was many years ago.
I don’t know if this is still true or even necessary today, or if they’ve even bothered to explore it recently, but that’s Apple’s main issue. Sure, it also benefits them in other ways such as driving users to their platforms, but this is their main issue.
That’s like saying they made the lightning port as a protest to USB standards, nah they just want their proprietary shit.
They wanted a new, compact, durable, reversible plug for their mobile devices. There was no industry-standard option that met their requirements, so they made their own. If USB-C had existed at the time, they would have used it (though as a physical connector, Lightning is still just plain better).
Apple has no reason to stop this because this is a good move for them in the larger battle between mobile messaging standards.
Uhhhh no? Don’t know if you’ve noticed but Apple is winning the battle between messaging standards, and they like it that way.
Apple is pushing iMessage as a protest against Google and their inevitable lawsuit to conform with RCS adoption.
What? iMessage is a decade older than RCS…
Nah, Apple doesn’t care.
These bridges like the ones found in Beeper/Matrix require a Mac server to perform the handshake with Apple’s.
As long as these servers require Apple hardware to function Apple is making money.
It’s roughly equivalent to running iMessage on your Mac at home and making an Android/PC app that remotely sends/receives messages to/from that iMessage app on your Mac.
Solving the “blue bubble” problem is easy. Stop giving a fuck about what iPhone users care about.
They want iPhone users to have want they want and need when switching to Android. I think it’s not a bad idea. Personally, I find MMS to be horrible. Not because of lack of features but because it is different for everybody in one group chat. The messages become out of order, things don’t send but say they do, etc. iMessage isn’t the best solution, but if I’m being kicked out of group chats because I’m that one person making it MMS, then I’m all for iMessage on Android.
No. Just no. Apple does not get to unilaterally make new protocols for the world.
I don’t want them to either but we both know rcs will not be supported on Apple. At least not easily.
I’m an adult, and I deal with family members bitching at me that are over 50. I explain to them every time that this is 100% Apple’s designed problem, and they like to roll their eyes in response.
Apple users CAN be really fucking annoying to deal with. In my admittedly limited experience, most of them are this way.
I’m an iPhone user and I don’t care about this. Not everyone who has an iPhone gives a shit about what phones other people use. Use whatever phone you want and whatever computer you want and whatever OS you want and stop giving a fuck about what other people use like it’s some sort of crime.
The stupidest thing about this is cultural identification with the message apps “bubble” color.
Isn’t it the fact that there will be features missing if someone doesn’t have iMessage? I genuinely don’t think anybody would care if it were just the color of the bubble that was different and nothing else.
I think green bubbles (non iPhone) means it’s using SMS so it can cost people money to send messages, especially images which would be sent as MMS I guess.
I’m an Android user though so I don’t really know. Also I’m in Europe where nobody cares and just uses Signal, WhatsApp or Telegram.
it’s using SMS so it can cost people money to send messages
This is basically the historical and cultural reason why the US uses SMS and MMS: basically every phone plan has unlimited SMS before smartphones became popular, so any smartphone OS needed to seamlessly support it for adoption. Apple successfully bridged that SMS interface into a proprietary messaging protocol and app even while maintaining backwards compatibility with SMS and MMS, but not the new standard that came out after the iPhone.
The kids care. Even in Europe. My nephew and niece had to get iPhones, and soon my son will have to get one or be socially left out. It’s a serious crisis made by greedy corporations is what it really is.
Yes. The iPhone to MMS connection has filesize limits that basically make sending video horribly compressed, and even still images are visibly limited in quality.
And then message reactions aren’t directly supported in MMS, so it becomes a clunky communications experience between iPhone and Android texting.
There’s also delivery confirmation, read receipts, and other indicators in an iMessage chat that aren’t supported in MMS.
The color of the bubble is a subtle UI indicator of what features are supported in the chat.
It’s a status symbol, sure… it may be stupid and primitive as a trophy around a caveman’s neck… but we are just wired like that.
Nothing special here.
How is it not natural to want a status symbol? However I agree that companies abuse that to gain power and profit, I’m not questioning that.
